/srv/irclogs.ubuntu.com/2014/09/26/#ubuntu+1.txt

lordievaderGood morning.06:55
elfymorning lordievader07:23
lordievaderHey elfy, how are you?07:24
elfymostly good thanks :)07:25
elfyask me in 20 minutes when I'll know if I get my day off or have to go in :p07:26
lordievaderMostly good, hehe. Why only mostly? Missing your morning coffee?07:26
elfy:)07:27
elfyfully good now lordievader :p07:38
elfyhi PaulW2U07:38
lordievaderHehe07:39
PaulW2Uhi elfy, latest xubuntu is looking good07:39
elfyeven pink? :)07:40
PaulW2Uwell.....it was a surprise. i might get to like it :)07:40
elfy:)07:40
lordievaderPink? I Xubuntu pink these days?07:41
elfylordievader: custom highlights to surprise one of the team07:41
BluesKajHiyas all09:54
vitimitiHas it happened to anybody else that the perl module of hexchat is lost in Ubuntu Utopic?10:15
vitimitihi, btw10:16
elfyhi BluesKaj10:20
elfyvitimiti: I think I saw someone else mention it10:20
BluesKajhi elfy10:20
vitimitielfy, I have this problem that I have more than a thousand lines of script in perl and the perl module is not loaded10:21
elfyreport it then10:21
vitimitielfy, alright10:21
BluesKajstill waiting for the correct bash shell patch10:21
elfyvitimiti: check it's not been reported first10:22
vitimitielfy, yeah, I'm on it10:22
elfyBluesKaj: there was another in -proposed today :)10:22
BluesKajif it's in main, it tries to take out my desktop10:23
BluesKajdo you have the exact sources.list deb url elfy, I would appreciate it if you posted it10:26
BluesKajbash (4.3-9ubuntu3) utopic installed, but check still shows vulnerable...guess it's going to be a while this bash vulnerability is straightened out11:13
BluesKajuntil11:14
k1l_well, was the 2nd patch already pushed to utopic?11:15
elfyBluesKaj: sorry - didn't see your ping till it was too late11:15
BluesKajk1l_, dunno, how many patches are there?11:17
k1l_2, so far. one quick fix and one from last night11:19
k1l_http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-7169.html11:20
ubottuGNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apac... (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169)11:20
k1l_well, 4.3-9ubuntu3 should be the fix11:21
BluesKajran this check and it shows I'm still vulnerable, unless the command isn't correct,  env check='Not vulnerable' x='() { :;}; check=Vulnerable' bash -c 'echo $check'11:22
k1l_for 14.04 this check gives me: not vulv11:22
k1l_*vulnerable11:22
BluesKajwell 14,10 here11:23
BluesKajso it.s the wrong patch for 14.1011:23
k1l_well yes. but the bash patches were made in one task. so something on 14.10 seems to not work like intended11:24
TJ-This is the patch: http://launchpadlibrarian.net/185797566/bash_4.3-9ubuntu2_4.3-9ubuntu3.diff.gz11:30
BluesKajTJ-, yes, that's what's installed but the vulnerability check for Kubuntu 14.10 still show vulnerable here11:41
TJ-BluesKaj: Interesting; I've seen someone else report on 1 out of 100 servers patched, the vulnerability test still comes back positive after a complete reboot, too11:42
BluesKajanyway i guess the priority is for 14.04 and official releases11:43
BluesKaji don't see any firmware updates available for my TP-Link TL-WDR3600 Router...that's probly more important anyway11:45
TJ-BluesKaj: Have you done a system reboot to check it?11:45
BluesKajTJ-, yes, there was a kernel upgrade as well11:46
TJ-BluesKaj: So, not caused by in-memory instances11:46
BluesKajTJ-, whatever that means :)11:50
TJ-BluesKaj: A package update only changes the files on the storage medium - any instances of a process running and in memory remain using the original code. That's why services have to be restarted after an upgrade11:51
TJ-BluesKaj: So existing bash shells wouldn't be fixed by simply installing the fixed package - the shells would need to be exited an re-opened to use the fixed code11:52
=== kbroulik is now known as kbroulik-lunch
lordievaderBluesKaj: Did you open a new bash instance to test the vunerablity?11:58
TJ-lordievader: The PC was rebooted12:01
lordievaderAh, never mind.12:02
xubuntu85wDoes anyone know if there is a bug in beta that prevents the use of encrypted installation? I can't unencrypt the disk on startup!12:08
xubuntu85whappend with beta1/212:09
TJ-xubuntu85w: Is the keyboard translation using some none ASCII characters, or no-US keyboard - it could be a simple key-code translation issue12:10
xubuntu85wPassword was "test" so I don't think so.12:11
TJ-xubuntu85w: :)12:13
xubuntu85wIt works fine with 14.04.1 but not with 14.10. What could have changed?12:14
TJ-xubuntu85w: You're using full disk encryption?12:15
xubuntu85wYes and also encrypted home folder.12:17
xubuntu85wAfter Installation cryptsetup fails to accept the password!?12:18
TJ-xubuntu85w: So you get a Plymouth splash screen prompting for the password? If instead of using that, you drop to the busybox shell and manually unlock the device, does it succeed?12:18
xubuntu85wI didn't try that yet.12:20
xubuntu85wHow to do it manually?12:21
TJ-xubuntu85w: cryptsetup luksOpen /dev/sdXY <device-mapper-name>12:24
BluesKajlordievader, sorry was away trying to fix the wireless KB for the desktop pc. yes I opened  terminal and ran the vulnerability check after rebooting12:32
xubuntu85wTJ I think it worked but what does it mean?12:36
TJ-xubuntu85w: If it worked, you'll have "/dev/mapper/<device-mapper-name>" ... and the system should be able to continue booting. So, that would indicate that plymouth isn't communicating with cryptsetup correctly12:38
xubuntu85wYes "dev/mapper/..." is there.12:41
xubuntu85wCan anyone else confirm this with a quick VM installation?12:43
=== kbroulik-lunch is now known as kbroulik
TJ-xubuntu85w: Confirmed13:18
TJ-xubuntu85w: Tapping Caps Lock a couple of times solved it for me13:19
xubuntu85wThanks for the feedback! How to report it?13:21
TJ-xubuntu85w: I'm checking whether it is a bug, or simply the system somehow having the shift key toggle locked on13:23
TJ-xubuntu85w: Looks like a Plymouth issue - using "debug --debug --verbose" instead of "quiet splash" I get the text console and prompt, and that worked fine13:26
xubuntu85wI tried holding Shift while typing the password, but that failed also.13:26
TJ-xubuntu85w: I toggled Caps Lock a couple times, then it worked fine13:26
xubuntu85wOkay, but I hope that it's easy to fix for the final release.13:28
TJ-Ouch! the initrd's conf/conf.d/cryptroot looks bad!13:29
xubuntu85wThat sounds like bad news although I don't know what it means.13:30
TJ-Ahhh, maybe OK. The initrd's cryptroot usually only has an entry for the root file-system in it, but here it has one for the swap partition too.13:32
xubuntu85wIn 14.04 swap didn't work with encrypted disk.13:35
TJ-xubuntu85w: It did on my systems13:36
BluesKajTJ-, we just had a problem art kubuyntu where an encrypted swap was mucking up the plasma desktop and kde in general13:37
BluesKajart=at13:38
BluesKajer #kubuntu :)13:38
xubuntu85wI had no swap after encrypted installation so I used file swap.13:39
BluesKajyeah I used file swap for a while tp preserve my partition table from logical partitioning13:40
TJ-BluesKaj: That one looks like the problem started *after* the user tried to remove and then re-configure encrypted swap. My bet would be, they didn't correctly reconfigure the swap, its not working, and therefore the system is running out of RAM13:40
xubuntu85whttp://ubuntuforums.org/showthread.php?t=222412913:43
BluesKajI would like to try LVM, but it's unfamiliar territory and reluctant to take the plunge13:44
TJ-BluesKaj: It's a lot of fun.... like a breath of fresh air compared to hard partitioning13:44
BluesKajTJ-, no doubt, how does one manage a dual boot setup etc13:45
TJ-BluesKaj: Well, lets say currently there's a partition of 60G for Linux, that can be assigned as an LVM Physical Volume (PV) instead, which is assigned to a Volume Group (VG). In that VG we can create as many Logical Volumes (LV) as we want, of any size, and keep some space (called 'extents') unallocated (FREE) for use later. File-systems are created inside LVs.13:49
TJ-BluesKaj: LVM won't affect Windows or dual-boot - GRUB still does all the same things, but it 'knows' how to read LVM volumes too13:49
BluesKajson the LVs are dynamic within the VG and the VG is a fixed size ?13:58
BluesKajson=so13:58
BluesKajTJ-,^13:59
TJ-BluesKaj: The LVs are fixed size... they can be whole disks or partitions. Many PVs can be assigned to a single VG. LVs within VGs can be any size that fits within the total extents (usually 4MB each) of the VG14:00
TJ-BluesKaj: LVs can be RAIDed across multiple PVs of the VG for resilience; snapshots of LVs can be taken for online backup, 'restore points' and so forth14:01
BluesKajok , I think i get the picture now14:02
TJ-BluesKaj: I appreciate it only needing a couple of commands to resize a file-system as needed: "lvresize + resize2fs" for example, to do an online resize of an EXT file-system14:04
lordievaderThat is nice ain't it :D14:04
lordievaderHmm, I'm out of space... there I have space again :)14:04
BluesKajyeah , instead having to muck about with gparted etc14:05
BluesKajerr instead of14:05
BluesKaji better find my glasses ..my old eyes are giving me a difficult time today14:06
TJ-BluesKaj: Add monitors :)14:11
TJ-BluesKaj: My biggest use of LVs is for transient virtual machine guest images for testing; for chroot's for testing and building packages, and so on.14:12
BluesKajTJ-, sometimes I use the TV as a monitor with the desktop media server pc when on IRC, but i'm using this laptop mostly these days and quite frankly the keyboard seems offset compared to the desktop types and it throws me off14:15
TJ-BluesKaj: I know the feeling - I've got 2 Apple Wireless bluetooth keyboards (the nice big 100 key versions), and the travel on the keys versus the laptop travel causes me lots of terrible typos14:17
BluesKajTJ-, nice KBs tho :)14:18
TJ-BluesKaj: Yeah, about the only Apple device I'll touch though :)14:19
TJ-I've got a bank of 6 monitors here so I have both keyboards connected and I can use them in front of particular monitors, rather than moving the keyboard about14:20
BluesKajsome kind of work station ?14:20
TJ-Laptop14:21
BluesKajwith 6 monitors ...that's quite a setup14:22
TJ-Dell XPS 1530 -> ExpressCard/34 -> ViDock 4 -> Nvidia Quadro NVS420 - adds 2 GPUs and 4 heads to the laptop's internal 2 heads (LVDS + HDMI)14:23
TJ-Each head drives a 1920x1200 LCD, 3 in portrait mode, 3 landscape, configured across 4 X screens14:26
ceed^I updated from 14.04 to 14.10 without problems. But I have a bunch gpg key not available error messages from apt with I run an update. I have tried to add the keys but the messages are still there. Any idea what may be the problem?15:12
TJ-ceed^: find out which keys are missing, and check the key-server and package containing keys - one or more for 14.10 is possibly not installed/updated correctly15:21
ceed^TJ-: So there's no way to have it check and download the missing keys? There's so many it's going to take a lot of time.15:24
TJ-ceed^: I suspect checking on one you may be able to identify the package containing it, (re)install that package, and fix many of the others too15:25
ceed^Sorry, I'm not very good with this. How do I find out which package has missing keys?15:27
ceed^These are all the error messages: http://hastebin.com/ilawenukes.mel15:28
TJ-ceed^:  look carefully - the main missing key is 40976EAF437D05B515:30
k1lsudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 40976EAF437D05B515:32
TJ-k1l: No! we're trying to figure out which package should have been installed that carries that key15:33
k1lhmm, ok15:33
TJ-ceed^: You can see which key that is using the Ubuntu key-server, with http://keyserver.ubuntu.com/pks/lookup?op=vindex&search=0x40976EAF437D05B5&fingerprint=on15:33
TJ-ceed^: The key's name is "Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>" which makes sense because it is for signing packages, so we need to figure out which package the system is missing, that contains that key15:34
k1l!info launchpad-getkeys15:34
ubottuPackage launchpad-getkeys does not exist in utopic15:34
TJ-The package should be "ubuntu-keyring"15:35
k1lyes15:36
TJ-ceed^: Try this, you should get the same result as me: "grep 'Ubuntu Archive Automatic Signing Key' /usr/share/keyrings/*" => "Binary file /usr/share/keyrings/ubuntu-archive-keyring.gpg matches"15:36
ceed^bash: grep 'Ubuntu Archive Automatic Signing Key' /usr/share/keyrings/*: No such file or directory15:39
TJ-ceed^: The postinst script should copy  " /usr/share/keyrings/ubuntu-archive-keyring.gpg" to "/var/lib/apt/keyrings/"15:39
TJ-ceed^: Ouch! something went seriously wrong with the upgrade15:40
ceed^TJ-: It did? Everything works fine except for those gpg errors I get15:41
TJ-ceed^: If ubuntu-keyrings was removed, and not replaced, that's a pretty big error15:41
TJ-ceed^: You need to manually download the .deb file, install it manually, and then it ought to work15:41
ceed^The ubuntu-keyrings deb?15:42
TJ-ceed^: The version in Utopic is: http://packages.ubuntu.com/utopic/ubuntu-keyring15:42
TJ-ceed^: You can download it with the link provided there: "wget http://archive.ubuntu.com/ubuntu/pool/main/u/ubuntu-keyring/ubuntu-keyring_2012.05.19_all.deb"15:43
ceed^When I try to install it it says: Error: no longer provides ubuntu-keyring15:43
TJ-ceed^: Then install it with "sudo dpkg -i ubuntu-keyring_2012.05.19_all.deb"15:43
TJ-Huh?15:44
ceed^I used gdebi tro try to install it15:44
ceed^I'll try from command line15:44
ceed^dpkg: error processing package ubuntu-keyring (--install):15:46
ceed^ subprocess installed post-installation script returned error exit status 215:46
ceed^Errors were encountered while processing:15:46
ceed^ ubuntu-keyring15:46
TJ-ceed^: Has the system run out of space on the root file-system ("df -h") ?15:47
ceed^TJ-: Nope, plenty of space on all partitions15:48
TJ-ceed^: run that script manually, let's see what is going on: "sudo sh -x /var/lib/dpkg/info/ubuntu-keyring.postinst"15:49
ceed^Here's the full output when I try to install: http://hastebin.com/ibihawuxuy.hs15:49
TJ-ceed^: The error is right there "resource limit"15:50
ceed^Not sure what that means, sorry :)15:50
ceed^When I run the script I get: http://hastebin.com/utapigudil.hs15:52
TJ-ceed^: I dealt with this same bug back in March, here's the appropriate report bug 126354015:53
ubottubug 1263540 in apt (Ubuntu) "Apt-get reports NO_PUBKEY gpg error for keys that are present in trusted.gpg." [Undecided,Confirmed] https://launchpad.net/bugs/126354015:53
TJ-ceed^: Check in particular comment #715:54
ceed^Will do, thanks!15:54
TJ-ceed^: In summary, you've added so many PPAs and other non-core repositories that GPG, the key-tool, cannot load all the trust files15:57
ceed^Ah ok16:16
ceed^So if I remove some of the ppa's I would be fine?16:17
TJ-ceed^: Yes, or any empty .gpg files in "/etc/apt/trusted.gpg.d/"16:21
ceed^I will have a look16:22
TJ-ceed^:  I do wonder if those files can be simply combined with 'cat' to make one file, but I don't feel like testing that idea right now :)16:22
ceed^Ok! :) Lots of old gunk in /etc/apt/trusted.gpg.d/ Cleaning house now.16:29
ceed^TJ-: That was all I had to do: Clean out old and empty gpg keys. apt-get update runs clean now. Thank you so much!16:33
TJ-ceed^: You're welcome - I had totally forgotten working on that same bug, until I was searching for the same thing :)16:33
ceed^TJ-: I think I have been removing repos and the keys have been left behind for a long time. Good to know there's a gotcha there if you do not keep it relatively clean :)16:35
vitimitihi22:41

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!